diff options
author | Sylvain Beucler <beuc@beuc.net> | 2022-11-17 16:25:17 +0100 |
---|---|---|
committer | Sylvain Beucler <beuc@beuc.net> | 2022-11-17 16:25:17 +0100 |
commit | eced38e6e8be713b7ea3a69568c949a8cfc3841f (patch) | |
tree | 44ee42fb92ee77bbfb3da76ac46476ed8256dfcb | |
parent | 6dd286d5103bcf709d01a5268aaa8847848251ee (diff) |
Reserve DLA-3197-1 for phpseclib
-rw-r--r-- | data/DLA/list | 3 | ||||
-rw-r--r-- | data/dla-needed.txt | 6 |
2 files changed, 3 insertions, 6 deletions
diff --git a/data/DLA/list b/data/DLA/list index 9986a51f51..746dc25ab0 100644 --- a/data/DLA/list +++ b/data/DLA/list @@ -1,3 +1,6 @@ +[17 Nov 2022] DLA-3197-1 phpseclib - security update + {CVE-2021-30130} + [buster] - phpseclib 1.0.19-3~deb10u1 [17 Nov 2022] DLA-3196-1 thunderbird - security update {CVE-2022-45403 CVE-2022-45404 CVE-2022-45405 CVE-2022-45406 CVE-2022-45408 CVE-2022-45409 CVE-2022-45410 CVE-2022-45411 CVE-2022-45412 CVE-2022-45416 CVE-2022-45418 CVE-2022-45420 CVE-2022-45421} [buster] - thunderbird 1:102.5.0-1~deb10u1 diff --git a/data/dla-needed.txt b/data/dla-needed.txt index bc90ecbc38..510959a47d 100644 --- a/data/dla-needed.txt +++ b/data/dla-needed.txt @@ -260,12 +260,6 @@ php7.3 (Emilio) NOTE: 20221031: Programming language: C. NOTE: 20221031: CVE-2022-37454 is what is of most concern. -- -phpseclib (Sylvain Beucler) - NOTE: 20220909: Programming language: PHP. - NOTE: 20220909: Note the discussion whether 1.0 is in fact affected by the CVE or not. It looks like it is affected by a small part of it that is best to fix.. (ola) - NOTE: 20221104: Attempted to clarify vulnerability status (cf. 02cd83d1d917dc5964440185226aa11e40058546) (Beuc) - NOTE: 20221108: buster is missing testsuite in both phpseclib packages, contacted maintainer to decide whether to backport testsuite or just bump version (Beuc) --- pluxml NOTE: 20220913: Programming language: PHP. NOTE: 20220913: Special attention: orphaned package. |